We do advise using rabbitmq and erlang’s latest versions if you plan on using TLS protected connections with Rabbitmq.
A simple way of doing this would be to use Bintray’s repo located at: https://www.rabbitmq.com/install-rpm.html#bintray
to download both the latest versions of rabbitmq and erlang.

If you wish to use meteor as the authentication handler you’ll also need to install the Accounts-Password pkg:

meteoraddaccounts-password

You may want to edit the /meteor/imports/settings.js file to properly configure the URLs and Authentication
The default setting will use Meteor Accounts, but you can just as easily install an external provider like Github, Google, Facebook or your own OIDC:

mozdef={...authenticationType:"meteor-password",...}

or for an OIDC implementation that passes a header to the nginx reverse proxy (for example using OpenResty with Lua and Auth0):

Or you can bundle the meteor portion of mozdef to deploy on into a different directory.
In this example we place it in /opt/mozdef/envs/meteor/mozdef:

#!/bin/bashif[-d/opt/mozdef/meteor]thencd/opt/mozdef/meteorsource/opt/mozdef/envs/python/bin/activatemkdir-p/opt/mozdef/envs/meteor/mozdefmeteornpminstallmeteorbuild--serverlocalhost:3002--directory/opt/mozdef/envs/meteor/mozdef/cp-rnode_modules/opt/mozdef/envs/meteor/mozdef/node_moduleselseecho"Meteor does not exist on this host."exit0fi

There are systemd unit files available in the systemd directory of the public repo you can use to start mongo, meteor (mozdefweb), and the restapi (mozdefrestapi).
These systemd files are pointing to the bundled alternative directory we just mentioned.

If you aren’t using systemd, or didn’t bundle to the alternative directory, then run the mozdef UI via node manually:

We use uwsgi to interface python and nginx, in your venv execute the following:

wgethttps://projects.unbit.it/downloads/uwsgi-2.0.17.1.tar.gztarzxvfuwsgi-2.0.17.1.tar.gzcduwsgi-2.0.17.1~/python2.7/bin/pythonuwsgiconfig.py--build~/python2.7/bin/pythonuwsgiconfig.py--pluginplugins/pythoncorecppython_plugin.so~/envs/python/bin/cpuwsgi~/envs/python/bin/cd..cp-r~/mozdef/rest~/envs/mozdef/cp-r~/mozdef/loginput~/envs/mozdef/cd~/envs/mozdef/rest# modify config filevimindex.conf# modify restapi.ini with any changes to pathing or number of processes you might need for your use case.vimrestapi.inicd../loginput# modify loginput.ini with any changes to pathing or number of processes you might need for your use case.vimloginput.ini

Alternatively, if you do not wish to use the systemd unit files for starting these processes
you can start the restapi and loginput processes from within your venv via:

We use supervisord to run the alerts and alertplugins. If you plan on starting services manually, you can skip this step.

To install supervisord perform the following as the user mozdef:

cd/opt/mozdef/envs/pythonsourcebin/activatecdbinpipinstallsupervisor

Within the alerts directory there is a supervisord_alerts.ini which is preconfigured.
If you’ve changed any directory paths for this installation then modify it to reflect your pathing changes.
There are systemd files in the systemdfiles directory that you can use to start the mozdefalerts and mozdefalertplugins processes which we cover near the end of this tutorial.